Jump to content
Sign in to follow this  
Mini0n

Riaa Website Wiped Clean By “hackers”

Recommended Posts

RIAA Website Wiped Clean by “Hackers”

Apparently the RIAA is so busy suing consumers that they forgot to hire a decent programmer. With a simple SQL injection, all their propaganda has been successfully wiped from the site.

It started out on the social news website Reddit, where a link to a really slow SQL query was posted. While the Reddit users were trying to kill the RIAA server, someone allegedly decided to up the ante and wipe the site’s entire database.

The comments on Reddit are only speculation so far. Based on the username, which was apparently “webReadOnly”, it might not have been setup correctly, or someone could have found another way to delete the content form the site.

Another possibility is that the website has some sort of database flood protection that disables new connections, or perhaps the RIAA themselves removed the content temporarily. The latter seems unlikely, as a better solution would be to take it entirely offline to fix the bigger problem. While they could fix a small vulnerability like this in a matter of seconds, the chances are it’s not an isolated problem.

As pointed out by Haywire, playing around with the urls a bit can return some funny results. It is pretty easy to make the RIAA link to The Pirate Bay for example.

For now it sure does look like all the content has been wiped from the RIAA homepage. Let’s hope they have backups, or not.

Update: After a few hours the RIAA restored the site. They seem to have fixed the vulnerability, but we have saved some screenshots.

Update: They didn’t fix it all, this still works.

RIAA website without content

riaagonemk9.jpg

RIAA supporting The Pirate Bay

riaatpbrj0.jpg

Error?

riaaerrorpp2.jpg

Fonte: TorrentFreak

PWNED! :lol:

Share this post


Link to post
Share on other sites
RIAA website hacked by SQL injection

Nothing makes a peer-to-peer user more happy than website of RIAA hacked by an unknown script kiddie. That’s exactly what happened 2 or 3 days ago, when Reddit published an extremely long SQL code which almost shut down the whole RIAA server. Meanwhile, another people tried the weakenesses in the code and discovered a way to display and alter the whole SQL database. As a result, RIAA’s Press Releases section showed a link to ThePirateBay instead of any content for some time.

2czudls.jpg

There were more errors and security bugs in their presentation, for example an XSS bug which can be used to steal cookies and information. After 2 days, RIAA finally completely fixed the vulnerabilities and the website seems to be protected now. Anyway, this issue just shown this bloody organization is full of legal actions and lawsuing, but they somehow forget to secure their website. Besides, who wouldn’t want a TPB logo at their site?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.